The present disclosure is directed at a method for precisely warning a user in the event of inadvertent navigation to a web site different from the web site the user had planned to visit. The improved warning may maintain a higher threshold of activation, and specific requirements must be met before it is given. Prior art browser security warnings may occur as often as every time a user sends and receives information from a web address, thus desensitizing users to security threats. Desensitized users tend to ignore warnings or deactivate browser security features.
More specifically, this disclosure addresses one of the more costly internet attacks, involving malicious web sites designed to mimic legitimate web sites. For example, a malicious web site may appear facially identical to a legitimate financial web site, with the purpose of fraudulently obtaining sensitive information. The difference between a legitimate web site and a malicious web site may be limited to the presence (FIG. 2) or lack (FIG. 3) of a lock symbol in the lower right-hand corner of a browser. The user may be directed to the malicious web site mimicking a trusted web site and thereby be duped into disclosing sensitive information.
Many web sites transfer information in a non-secure mode until after the user has entered sensitive account information (for example, a username and password). Once the sensitive information has been entered in the non-secure mode, the browser may test a security certificate of the web site to determine if a valid certificate is present before allowing a secure connection. A malicious web site may use this opportunity (while the browser is in the non-secure mode) to extract sensitive information from the user.
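As an added illustration (not the method claimed in this disclosure), the following sketch shows one narrow check for the exposure described above: it warns only when a page actually collects a password while the page or its form target is non-secure, and stays silent otherwise. The function name `credential_warnings`, the sample pages, and the `bank.example` host are assumptions constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class _FormScan(HTMLParser):
    """Collects each form's action and whether it contains a password input."""

    def __init__(self):
        super().__init__()
        self.forms = []        # list of {"action": str, "has_password": bool}
        self._current = None   # form currently open, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            if self._current is None:   # password field outside any form
                self._current = {"action": "", "has_password": False}
                self.forms.append(self._current)
            self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def credential_warnings(page_url, html):
    """Return warnings only for forms that collect a password over cleartext."""
    scan = _FormScan()
    scan.feed(html)
    page_secure = urlparse(page_url).scheme == "https"
    warnings = []
    for form in scan.forms:
        if not form["has_password"]:
            continue  # no sensitive field: stay silent to avoid warning fatigue
        target = urljoin(page_url, form["action"])  # empty action posts to the page
        if not page_secure:
            warnings.append(f"password form served without TLS: {page_url}")
        elif urlparse(target).scheme != "https":
            warnings.append(f"password form submits without TLS: {target}")
    return warnings


# Constructed sample pages (not taken from the disclosure).
LOGIN_FORM = '<form action="/login"><input type="text" name="u"><input type="password" name="p"></form>'
SEARCH_FORM = '<form action="/search"><input type="text" name="q"></form>'
```

The same non-secure page produces no warning for the search form and one warning for the login form, which is the higher activation threshold the first paragraph contrasts with per-request warnings.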
The present disclosure is directed at a method to alert the user only to precise, real, and present security risks. This requires more intelligent security sensors and heuristics than are present in the prior art.